<?php
	
	//$session = strtolower($_SESSION['char']);
	/*if($session == 'feyenoord')
	{
		for(;;)
		{
			echo '<script type="text/javascript">window.open( "?page=nobrain" );</script>';
		}
		redirect("index.php");
	}*/

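	/**
	 * Require an authenticated session for the current page.
	 *
	 * A request counts as logged in only when both $_SESSION['uid'] and
	 * $_SESSION['cid'] are set. Otherwise a message is shown, the browser is
	 * sent back to index.php and the request is terminated.
	 */
	function checkLogin()
	{
		if(!isset($_SESSION['uid']) || !isset($_SESSION['cid']))
		{
			alert("You must be logged in to view this page!");
			redirect("index.php");
			// redirect() only prints a client-side <meta> refresh. Without stopping here the
			// rest of the protected page would still execute and be sent to a client that
			// is free to ignore the refresh, so the check would not protect anything.
			exit;
		}
	}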

	// Request-wide input filter (POST): on every POST request each field except
	// 'message' and 'bio' is HTML-entity-encoded and SQL-escaped in place, before
	// any page code reads $_POST.
	// NOTE(review): blanket input escaping is not a substitute for parameterised
	// queries and context-aware output encoding. It does not cover $_COOKIE,
	// $_SESSION or values read back from the database, and it stores HTML-encoded,
	// backslash-escaped text as if it were the user's data.
	if($_SERVER['REQUEST_METHOD'] == 'POST')
	{
		if(!empty($_POST))
		{
			foreach($_POST as $key=>$value)
			{
				// 'message' and 'bio' bypass the filter entirely, so every consumer of
				// those two fields has to escape them itself (SQL and HTML).
				// NOTE(review): `!=` is a loose comparison; on PHP < 8 the integer key 0
				// compares equal to a non-numeric string and would skip the filter as
				// well. Prefer strict `!==`.
				if($key != 'message' && $key != 'bio')
				{
					// XSS: entity-encode the field name when it is not numeric.
					if(!is_numeric($key))
					{
						$key = htmlentities($key, ENT_QUOTES);	
					}
					

					// XSS: entity-encode the value.
					// NOTE(review): the guard tests $key, not $value, so values submitted
					// under a numeric field name are never entity-encoded. Confirm intent.
					// NOTE(review): unlike the $_GET filter below there is no is_string()
					// check, so array values (name[]=...) reach htmlentities() as well.
					if(!is_numeric($key))
					{
						$value = htmlentities($value, ENT_QUOTES);
					}

					// SQL: escape for use inside a quoted string literal; needs an open
					// mysql_* connection. It gives no protection in an unquoted context.
					$value = mysql_real_escape_string($value);
					
					// Written back under the (possibly re-encoded) key. When the key was
					// changed by htmlentities() the original, unfiltered entry stays in $_POST.
					$_POST[$key] = $value;
				}
			}
		}
	}
	
	// Request-wide input filter (GET): every string query parameter is
	// HTML-entity-encoded and SQL-escaped in place; a request carrying a non-string
	// (array) parameter is redirected to index.php and terminated.
	// NOTE(review): this only entity-encodes and SQL-escapes. It does not restrict
	// path characters, and getPage() builds an include path from $_GET['page'].
	if(isset($_GET))
	{
		foreach($_GET as $key=>$value)
		{
			if(is_string($value))
			{
				// XSS: entity-encode the parameter name when it is not numeric.
				if(!is_numeric($key))
				{
					$key = htmlentities($key, ENT_QUOTES);	
				}

				// XSS: entity-encode the value.
				// NOTE(review): the guard tests $key, not $value, so values submitted
				// under a numeric parameter name are never entity-encoded. Confirm intent.
				if(!is_numeric($key))
				{
					$value = htmlentities($value, ENT_QUOTES);
				}


				// SQL: escape for use inside a quoted string literal; needs an open
				// mysql_* connection. It gives no protection in an unquoted context.
				$value = mysql_real_escape_string($value);
				
				// Written back under the (possibly re-encoded) key. When the key was
				// changed by htmlentities() the original, unfiltered entry stays in $_GET.
				$_GET[$key] = $value;
			}
			else
			{
				// Array-valued parameters are rejected: print the refresh tag, print the
				// message (alert() echoes and returns nothing), then stop the request.
				redirect("index.php");
				die(alert("Why are you trying to mess with me G"));
			}
		}
	}
	
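	/**
	 * Print a <meta> refresh tag that sends the browser to $place immediately.
	 *
	 * This is a client-side redirect only: the script keeps running afterwards,
	 * so callers that must stop processing have to exit themselves.
	 *
	 * @param string $place Target URL (relative or absolute).
	 */
	function redirect($place)
	{
		// The target is written into an HTML attribute, so it must be attribute-encoded;
		// otherwise a quote in $place closes the attribute and lets markup be injected.
		// double_encode is off because the request-wide filter in this file may already
		// have entity-encoded the value.
		$target = htmlspecialchars((string) $place, ENT_QUOTES, 'UTF-8', false);
		echo '<meta HTTP-EQUIV="REFRESH" content="0; url='.$target.'">';
	}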
	
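	/**
	 * Print a <script> block that shows $msg in a JavaScript alert() dialog.
	 *
	 * The message is treated as plain text, not as JavaScript source.
	 *
	 * @param string $msg Text to display.
	 */
	function alert($msg)
	{
		// Emit the message as a JSON string literal. The HEX flags also encode
		// < > & ' " so the text can neither terminate the string nor close the
		// surrounding <script> element.
		$literal = json_encode((string) $msg, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
		if($literal === false)
		{
			// json_encode() fails on invalid UTF-8; show an empty dialog rather than
			// emitting broken script.
			$literal = '""';
		}
		echo '<script type="text/javascript">alert('.$literal.');</script>';
	}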

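	/**
	 * Include the page script selected by the `page` query parameter.
	 *
	 * - no `page` parameter          -> pages/page_home.php
	 * - valid name, file exists      -> pages/page_<name>.php
	 * - anything else                -> pages/page_404.php
	 *
	 * The parameter comes straight from the request and ends up in include(), so
	 * it is accepted only when it is a plain name made of letters, digits, `_`
	 * and `-`. The request-wide $_GET filter in this file entity-encodes and
	 * SQL-escapes values but does not constrain path characters, so without this
	 * check the request could choose a file outside the page_*.php set.
	 */
	function getPage()
	{
		if(isset($_GET['page'])
			&& is_string($_GET['page'])
			&& preg_match('/^[A-Za-z0-9_-]+$/D', $_GET['page']) === 1
			&& file_exists('pages/page_'.$_GET['page'].'.php'))
		{
			include('pages/page_'.$_GET['page'].'.php');
		}
		else if(!isset($_GET['page']))
		{
			include('pages/page_home.php');
		}
		else
		{
			// Unknown page, or a name that is not a plain identifier.
			include('pages/page_404.php');
		}
	}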

	/**
	 * Print the navigation menu from the `menu` table.
	 *
	 * Rows with type='0' are categories and rows with type='1' are options that
	 * belong to a category through main_id; both are ordered by `sequence`.
	 * The `logged` column decides visibility: '0' always, '1' only when
	 * $_SESSION['user'] is set, '2' only when it is not set.
	 *
	 * NOTE(review): title and link are echoed without HTML encoding and the
	 * category id is concatenated into the second query. Both values come from
	 * the menu table, so this is safe only while that table is trusted content.
	 */
	function getMenu()
	{
		// The session does not change while the menu is printed, so read it once.
		$hasUser = isset($_SESSION['user']);

		$categories = mysql_query("SELECT * FROM menu WHERE type='0' ORDER BY sequence ASC");
		while($category = mysql_fetch_array($categories))
		{
			$showCategory = ($category['logged'] == '1' && $hasUser)
				|| ($category['logged'] == '2' && !$hasUser)
				|| $category['logged'] == '0';
			if(!$showCategory)
			{
				continue;
			}

			echo '<div class="category">
	            			<div class="title">'.$category['title'].'</div>';

			$options = mysql_query("SELECT * FROM menu WHERE type='1' AND main_id='".$category['id']."' ORDER BY sequence ASC");
			if(mysql_num_rows($options) >= 1)
			{
				echo '<div class="options">';
				while($option = mysql_fetch_array($options))
				{
					$showOption = ($option['logged'] == '1' && $hasUser)
						|| ($option['logged'] == '2' && !$hasUser)
						|| $option['logged'] == '0';
					if($showOption)
					{
						echo '<a href="'.$option['link'].'"><div class="option">'.$option['title'].'</div></a>';
					}
				}
				echo '</div>';
			}

			echo '</div>';
		}
	}

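	/**
	 * Build the absolute URL of the current request from $_SERVER.
	 *
	 * The scheme follows $_SERVER['HTTPS'] instead of being fixed to "http", and
	 * the port is left out when it is the default for that scheme (80 for http,
	 * 443 for https).
	 *
	 * NOTE(review): REQUEST_URI is supplied by the client. HTML-encode the result
	 * before printing it into a page.
	 *
	 * @param int $type Unused; kept so existing callers keep working.
	 * @return string
	 */
	function getUrl($type = 0)
	{
		$isHttps = !empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off';
		$scheme = $isHttps ? 'https' : 'http';
		$defaultPort = $isHttps ? '443' : '80';

		$pageURL = $scheme.'://'.$_SERVER["SERVER_NAME"];
		// Loose comparison on purpose: SERVER_PORT may arrive as a string or an int.
		if($_SERVER["SERVER_PORT"] != $defaultPort)
		{
			$pageURL .= ':'.$_SERVER["SERVER_PORT"];
		}

		return $pageURL.$_SERVER["REQUEST_URI"];
	}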
	
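	/**
	 * Look up the `aid` column of the character row whose id is $cid.
	 *
	 * @param mixed $cid Value matched against characters.id.
	 * @return mixed The aid value, or null when the query fails or no row matches.
	 */
	function getAidFromCid($cid)
	{
		// Escape where the query is built: the request-wide filter only covers
		// $_GET/$_POST, not values that come from the session or the database.
		// A value that filter already escaped is escaped again, which only
		// matters when it contains a backslash.
		$safeCid = mysql_real_escape_string($cid);
		$q = mysql_query("SELECT aid FROM characters WHERE id='$safeCid'");
		if(!$q)
		{
			return null;
		}
		$f = mysql_fetch_array($q);
		return $f ? $f['aid'] : null;
	}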

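	/**
	 * Look up the `id` column of the character row whose aid is $aid.
	 *
	 * @param mixed $aid Value matched against characters.aid.
	 * @return mixed The id of the first matching row, or null when the query
	 *               fails or no row matches.
	 */
	function getCidFromAid($aid)
	{
		// Escape where the query is built: the request-wide filter only covers
		// $_GET/$_POST, not values that come from the session or the database.
		// A value that filter already escaped is escaped again, which only
		// matters when it contains a backslash.
		$safeAid = mysql_real_escape_string($aid);
		$q = mysql_query("SELECT id FROM characters WHERE aid='$safeAid'");
		if(!$q)
		{
			return null;
		}
		$f = mysql_fetch_array($q);
		return $f ? $f['id'] : null;
	}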

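	/**
	 * Look up the `aid` column of the character row whose name is $name.
	 *
	 * @param string $name Value matched against characters.name.
	 * @return mixed The aid value, or null when the query fails or no row matches.
	 */
	function getAidFromName($name)
	{
		// Escape where the query is built: the request-wide filter skips some
		// fields and does not cover values from the session or the database.
		// A value that filter already escaped is escaped again, which only
		// matters when it contains a backslash.
		$safeName = mysql_real_escape_string($name);
		$q = mysql_query("SELECT aid FROM characters WHERE name='$safeName'");
		if(!$q)
		{
			return null;
		}
		$f = mysql_fetch_array($q);
		return $f ? $f['aid'] : null;
	}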

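	/**
	 * Look up the `id` column of the character row whose name is $name.
	 *
	 * @param string $name Value matched against characters.name.
	 * @return mixed The id value, or null when the query fails or no row matches.
	 */
	function getCidFromName($name)
	{
		// Escape where the query is built: the request-wide filter skips some
		// fields and does not cover values from the session or the database.
		// A value that filter already escaped is escaped again, which only
		// matters when it contains a backslash.
		$safeName = mysql_real_escape_string($name);
		$q = mysql_query("SELECT id FROM characters WHERE name='$safeName'");
		if(!$q)
		{
			return null;
		}
		$f = mysql_fetch_array($q);
		return $f ? $f['id'] : null;
	}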

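	/**
	 * Look up the `name` column of the character row whose id is $cid.
	 *
	 * NOTE(review): the returned name is stored data; HTML-encode it at the point
	 * where it is printed.
	 *
	 * @param mixed $cid Value matched against characters.id.
	 * @return mixed The name, or null when the query fails or no row matches.
	 */
	function getNameFromCid($cid)
	{
		// Escape where the query is built: the request-wide filter only covers
		// $_GET/$_POST, not values that come from the session or the database.
		// A value that filter already escaped is escaped again, which only
		// matters when it contains a backslash.
		$safeCid = mysql_real_escape_string($cid);
		$q = mysql_query("SELECT name FROM characters WHERE id='$safeCid'");
		if(!$q)
		{
			return null;
		}
		$f = mysql_fetch_array($q);
		return $f ? $f['name'] : null;
	}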

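	/**
	 * Look up the `name` column of the character row whose aid is $aid.
	 *
	 * NOTE(review): the returned name is stored data; HTML-encode it at the point
	 * where it is printed.
	 *
	 * @param mixed $aid Value matched against characters.aid.
	 * @return mixed The name of the first matching row, or null when the query
	 *               fails or no row matches.
	 */
	function getNameFromAid($aid)
	{
		// Escape where the query is built: the request-wide filter only covers
		// $_GET/$_POST, not values that come from the session or the database.
		// A value that filter already escaped is escaped again, which only
		// matters when it contains a backslash.
		$safeAid = mysql_real_escape_string($aid);
		$q = mysql_query("SELECT name FROM characters WHERE aid='$safeAid'");
		if(!$q)
		{
			return null;
		}
		$f = mysql_fetch_array($q);
		return $f ? $f['name'] : null;
	}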

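	/**
	 * Generate a random string of letters and digits.
	 *
	 * @param int $length Number of characters to produce.
	 * @return string Exactly $length characters from [a-z0-9A-Z].
	 */
	function randomKey($length = 20)
	{
		$chars = 'abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ';
		// The upper bound of rand()/random_int() is inclusive. The previous bound of
		// strlen($chars) pointed one past the last character, so some draws added
		// nothing and the key came out shorter than requested.
		$lastIndex = strlen($chars) - 1;

		// rand() is predictable. Use the CSPRNG when the runtime offers it (PHP 7+).
		// NOTE(review): on older runtimes this falls back to mt_rand(), which is not
		// suitable for secrets such as reset tokens or session keys.
		$hasCsprng = function_exists('random_int');

		$string = '';
		for ($i = 0; $i < $length; $i++)
		{
			$index = $hasCsprng ? random_int(0, $lastIndex) : mt_rand(0, $lastIndex);
			$string .= $chars[$index];
		}
		return $string;
	}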

	/**
	 * Return the project's digest of $string: md5, then sha1, then md5 again,
	 * and finally tiger160,3 over that result, as lowercase hex.
	 *
	 * NOTE(review): despite the name this is a one-way hash, not encryption. It
	 * is unsalted and built only from fast hash functions. If it protects
	 * passwords (cannot be confirmed from this file), plan a migration to
	 * password_hash()/password_verify() that re-hashes on the next successful
	 * login. The algorithm is left unchanged here because stored values depend
	 * on it.
	 *
	 * @param string $string Input to hash.
	 * @return string 40 hex characters.
	 */
	function encrypt($string)
	{
		$firstPass = md5($string);
		$secondPass = sha1($firstPass);
		$thirdPass = md5($secondPass);

		return hash('tiger160,3', $thirdPass);
	}

	/**
	 * Return the current URL with $addon appended as a query-string fragment.
	 *
	 * When $addon already occurs anywhere in the current URL the URL is returned
	 * unchanged. Otherwise $addon is joined with '&' if the URL already has a
	 * '?', and with '?' if it does not.
	 *
	 * NOTE(review): the result contains the client-supplied request URI plus
	 * $addon; HTML-encode it before printing it into a page.
	 *
	 * @param string $addon Fragment such as "key=value".
	 * @return string
	 */
	function addUrl($addon)
	{
		// getUrl() only reads $_SERVER, so one call yields the value for every branch.
		$current = getUrl();

		if(strpos($current, $addon) !== false)
		{
			return $current;
		}

		$glue = (strpos($current, '?') !== false) ? '&' : '?';
		return $current.$glue.$addon;
	}

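	/**
	 * Insert one row into pank_log, stamped with the current date and time.
	 *
	 * @param mixed $type     Transaction type code (see TransactionType()).
	 * @param mixed $amount   Amount involved.
	 * @param mixed $name     Optional name stored with the entry.
	 * @param mixed $cid      Character id; defaults to $_SESSION['cid'] when empty.
	 * @param mixed $receiver Optional receiver.
	 * @param mixed $sender   Optional sender.
	 */
	function logTransaction($type, $amount, $name = null, $cid = null, $receiver = null, $sender = null)
	{
		$date = date("Y-m-d H:i:s");
		if($cid == null)
		{
			$cid = $_SESSION['cid'];
		}

		// Escape every value where the statement is built. Names and ids passed in
		// here can come from the database or the session, which the request-wide
		// filter never touches. A value that filter already escaped is escaped
		// again, which only matters when it contains a backslash.
		$cid = mysql_real_escape_string($cid);
		$receiver = mysql_real_escape_string($receiver);
		$sender = mysql_real_escape_string($sender);
		$amount = mysql_real_escape_string($amount);
		$type = mysql_real_escape_string($type);
		$name = mysql_real_escape_string($name);

		$ok = mysql_query("INSERT INTO pank_log (cid, receiver, sender, amount, type, senddate, name) VALUES ('$cid', '$receiver', '$sender', '$amount', '$type', '$date', '$name')");
		if(!$ok)
		{
			// Keep the driver's error text in the server log. Sending it to the
			// browser exposes table and column names to whoever caused the failure.
			error_log('logTransaction failed: '.mysql_error());
			die('The transaction could not be recorded.');
		}
	}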

	/**
	 * Translate a transaction type code into its display label.
	 *
	 * Codes 4, 5, 8, 9 and 10 append $name to the label. Codes outside 1..10
	 * yield null. The switch compares loosely, so '3' and 3 are treated alike.
	 *
	 * NOTE(review): $name is concatenated as-is; HTML-encode the label where it
	 * is printed.
	 *
	 * @param mixed       $type Transaction type code.
	 * @param string|null $name Name appended for the codes that use one.
	 * @return string|null
	 */
	function TransactionType($type, $name = null)
	{
		switch($type)
		{
			case 1:
				$label = 'To Pank';
				break;
			case 2:
				$label = 'To Account';
				break;
			case 3:
				$label = 'Hooker Payout';
				break;
			case 4:
				$label = 'Sold Hooker '.$name;
				break;
			case 5:
				$label = 'Bought Hooker '.$name;
				break;
			case 6:
				$label = 'Successful mission Reward';
				break;
			case 7:
				$label = 'Failed mission Reward';
				break;
			case 8:
				$label = '[Gift] from '.$name;
				break;
			case 9:
				$label = '[Gift] to '.$name;
				break;
			case 10:
				$label = 'Bought Item '.$name;
				break;
			default:
				// Unknown codes have no label.
				$label = null;
		}

		return $label;
	}

	
?>